home

svcprs32.exe

PureSight Technologies Ltd

It runs as a separate (within the context of its own process) windows Service named “WinSock Svchost Manager”.
Publisher:
PureSight Technologies Ltd  (signed and verified)

Description:
svcprs32.exe

Version:
6,2,4002

MD5:
d3ee3fe3e6ab9b691775df9e5d4a1ec1

SHA-1:
abf7f63c36cc07db0ded9033fe128534037bad77

SHA-256:
8ad8c584992b2c27dfa58a85334399cacdaee3c43f30199e30a2addc51faba9c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 7:22:34 PM UTC  (today)

File size:
1.3 MB (1,388,456 bytes)

Product version:
6,2,4002

Copyright:
Copyright © 2008

Original file name:
svcprs32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\syswow64\svcprs32.exe

Digital Signature
Signed by:
PureSight Technologies Ltd

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/5/2010 2:00:00 AM

Valid to:
3/6/2011 1:59:59 AM

Subject:
CN=PureSight Technologies Ltd, OU=SECURE APPLICATION DEVELOPMENT, O=PureSight Technologies Ltd, L=Kfar Saba, S=Kfar Saba, C=IL

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
6CCF1005E33A8B148B50A51E4D6A7143

File PE Metadata
Compilation timestamp:
4/12/2010 3:40:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:fNvtNuTpJTpMniJki+w4iN90MOA7gOjyhCjvSjRGdtwb9BqutVdaxkYp5ew4hdLe:fZiN90MOA+sSj5o3YL9C

Entry address:
0x7E290

Entry point:
E8, 8C, F7, 00, 00, E9, 16, FE, FF, FF, FF, 35, FC, 2D, 55, 00, E8, 39, C2, 00, 00, 85, C0, 59, 74, 02, FF, D0, 6A, 19, E8, BB, B8, 00, 00, 6A, 01, 6A, 00, E8, EC, F8, 00, 00, 83, C4, 0C, E9, F1, F7, 00, 00, 56, FF, 35, FC, 2D, 55, 00, E8, 0E, C2, 00, 00, FF, 74, 24, 0C, 8B, F0, E8, 8C, C1, 00, 00, 59, 59, A3, FC, 2D, 55, 00, 8B, C6, 5E, C3, FF, 35, FC, 2D, 55, 00, E8, ED, C1, 00, 00, 59, C3, 55, 8B, EC, 83, EC, 20, 57, 56, E8, 00, E9, FF, FF, 33, FF, 3B, F7, 59, 75, 1D, E8, 96, BA, 00, 00, 57, 57, 57, 57...
 
[+]

Entropy:
6.3887

Code size:
1.1 MB (1,167,360 bytes)

Service
Display name:
WinSock Svchost Manager

Service name:
WinSvchostManager

Type:
Win32OwnProcess

Depends on:
RPCSS


Scan svcprs32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.